Skip to content

Enrich JWT claims with user context and ensure DID key

POST
/api/v1/auth/claims-enrichment
curl --request POST \
--url https://localhost:8080/api/v1/auth/claims-enrichment \
--header 'Content-Type: application/json' \
--data '{ "attributes": { "additionalProperty": "example" }, "email": "example", "groups": [ "example" ], "name": "example", "picture": "example", "provider": "example", "user_id": "example" }'

Called by IDP Actions/Hooks to provision the user, return organization/project/role custom claims for the JWT, and create a DID key when one is missing

User information

Media type application/json
object
attributes

Keycloak user attributes

object
key
additional properties
string
email
string
groups

Keycloak groups

Array<string>
name
string
picture
string
provider

IDP provider type (e.g., “auth0”, “keycloak”)

string
user_id
string
Example generated
{
"attributes": {
"additionalProperty": "example"
},
"email": "example",
"groups": [
"example"
],
"name": "example",
"picture": "example",
"provider": "example",
"user_id": "example"
}

Custom claims to add to JWT (includes did_key_id if available)

Media type application/json
object
custom_claims
object
key
additional properties
Example generated
{
"custom_claims": {
"additionalProperty": "example"
}
}

Bad request - Invalid request body

Media type application/json
object
error
string
error_description
string
Example
{
"error": "Unauthorized",
"error_description": "Invalid token"
}

Unauthorized - Invalid API secret

Media type application/json
object
error
string
error_description
string
Example
{
"error": "Unauthorized",
"error_description": "Invalid token"
}

Internal server error

Media type application/json
object
error
string
error_description
string
Example
{
"error": "Unauthorized",
"error_description": "Invalid token"
}